CVE-1999-1080
First published: Wed May 10 1995(Updated: )
rmmount in SunOS 5.7 may mount file systems without the nosuid flag set, contrary to the documentation and its use in previous versions of SunOS, which could allow local users with physical access to gain root privileges by mounting a floppy or CD-ROM that contains a setuid program and running volcheck, when the file systems do not have the nosuid option specified in rmmount.conf.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sun SunOS | =5.7 | |
| =5.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-1999-1080?
CVE-1999-1080 is considered a high severity vulnerability due to its potential to allow local users to gain root privileges.
How do I fix CVE-1999-1080?
To mitigate CVE-1999-1080, ensure that file systems are mounted with the nosuid flag and validate that all system updates and patches are applied.
Who is affected by CVE-1999-1080?
CVE-1999-1080 affects users of SunOS 5.7, particularly those with physical access to the system.
What type of vulnerability is CVE-1999-1080?
CVE-1999-1080 is a privilege escalation vulnerability that arises from improper handling of the nosuid mount option.
Is there a risk of exploit with CVE-1999-1080?
Yes, if successfully exploited, CVE-1999-1080 allows local users to execute setuid programs with root privileges, posing a significant security risk.
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/description
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/author
- agent/softwarecombine
- agent/event
- agent/tags
- agent/source
- vendor/sun
- canonical/sun sunos
- version/sun sunos/5.7